Is the new PHP 5.5 password_hash function secure enough for production applications? (That is, if you follow the recommendations regarding cost and not generating your own salt)
Are the better alternatives out there for PHP?
If someone is using a different BCrypt alternative, should they implement this instead?
